TY - GEN
T1 - Data protection models for service provisioning in the cloud
AU - Lin, Dan
AU - Squicciarini, Anna
PY - 2010
Y1 - 2010
N2 - Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. While cloud computing is expanding rapidly and used by many individuals and organizations internationally, data protection issues in the cloud have not been carefully addressed at current stage. In the cloud, users' data is usually processed remotely in unknown machines that users do not own or operate. Hence, users' fear of confidential data (particularly financial and health data) leakage and loss of privacy in the cloud becomes a significant barrier to the wide adoption of cloud services. To allay users' concerns of their data privacy, in this paper, we propose a novel data protection framework which addresses challenges during the life cycle of a cloud service. The framework consists of three key components: policy ranking, policy integration and policy enforcement. For each component, we present various models and analyze their properties. Our goal is to provide a new vision toward addressing the issues of the data protection in the cloud rather than detailed techniques of each component. To this extent, the paper includes a discussion of a set of general guidelines for evaluating systems designed based on such a framework.
AB - Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. While cloud computing is expanding rapidly and used by many individuals and organizations internationally, data protection issues in the cloud have not been carefully addressed at current stage. In the cloud, users' data is usually processed remotely in unknown machines that users do not own or operate. Hence, users' fear of confidential data (particularly financial and health data) leakage and loss of privacy in the cloud becomes a significant barrier to the wide adoption of cloud services. To allay users' concerns of their data privacy, in this paper, we propose a novel data protection framework which addresses challenges during the life cycle of a cloud service. The framework consists of three key components: policy ranking, policy integration and policy enforcement. For each component, we present various models and analyze their properties. Our goal is to provide a new vision toward addressing the issues of the data protection in the cloud rather than detailed techniques of each component. To this extent, the paper includes a discussion of a set of general guidelines for evaluating systems designed based on such a framework.
UR - http://www.scopus.com/inward/record.url?scp=77954893896&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=77954893896&partnerID=8YFLogxK
U2 - 10.1145/1809842.1809872
DO - 10.1145/1809842.1809872
M3 - Conference contribution
AN - SCOPUS:77954893896
SN - 9781450300490
T3 - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT
SP - 183
EP - 192
BT - SACMAT'10 - Proceedings of the 15th ACM Symposium on Access Control Models and Technologies
T2 - 15th ACM Symposium on Access Control Models and Technologies, SACMAT 2010
Y2 - 9 June 2010 through 11 June 2010
ER -